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Remarks 

I. Status of Claims 

Without prejudice, the claims have been amended to more clearly identify the 
subject matter Applicant regards as his invention. Specifically, Claims 1, 14 and 22 
have been amended to indicate that the TIO comprises a plurality of hash values with 
each hash value corresponding to a trusted entities certificate (e.g., a CA root 
certificate or an SSL server certificate). Support for this amendment can be found in 
Table A and paragraphs 0064 through 0070. New claims 50-55 have also been added. 
Support for these claims can be found in paragraphs 0084, 0086, 0092, and 0094. No 
new matter has been added. 

II. Rej ections of Formality 

The Examiner rejected Claims 1-6, 14-22, 24-30, 38-46 and 48-49 under 35 
U.S.C. §112, second paragraph as being indefinite for failing to particularly point out 
and distinctly claim the subject matter which Applicant regards as the invention. 
Specifically, the Examiner cited the following indefinite terms: claim 1, "said trust 
entity certificate," claim 2, "said time stamp," and claims 3 and 27, "said hash 
values." In reply, Applicants respectfully submit that the claims as amended obviate 
this rejection. 

III. Prior Art Rejections 

The Examiner rejected Claims 1, 22, 24-25, 46 and 48 under 35 U.S.C. 
§102(e) as being anticipated or, in the alternative, under 35 U.S.C. §103(a) as being 
obvious over Hericourt, et al. (U.S. Publication No. 2002/0078347). The Examiner 
admits that Hericourt does not explicitly disclose a TIO having hash values as 
claimed, but states that "Hericourt discusses in paragraphs 11-17 that a X.509 
certificate's formal structure includes a signature of the certificate, a hash value of the 
certificate," and notes "that Hericourt does not place any restrictions on the type of 
certificates used in his invention." The examiner finds that "in discussing X.509 
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certificates in his background section, it would not have been beyond the scope of 
Hericourt's invention where the certificate used included an X.509 certificates. When 
these certificates are returned and the response from a CA filter, a hash value of the 
CA's certificate is also returned." 

Furthermore, in the final rejection of May 9, 2007, the Examiner states as 
follows: 

Applicant argues that because Hericourt could discloses only one 
certificate being provided to a user device, Hericourt "does not 
disclose the limitations as amended." The Examiner respectfully 
submits that as currently amended, it does not appear that the claim 
requires the client receive a plurality of trust entity certificates. 
Instead, the claim still refers to a certificate being received by a client, 
i.e., that is a single certificate is sent from the trust information 
provider to a client (note preamble). . . . There is no specific 
requirement by the claim that a plurality of trust entity certificates be 
created at all, much less received by the client. . . . Also, as recited, it 
does not appear that the TIO is necessarily tied to the trust entity 
certificates in any manner. 

The Examiner also indicates that Hericourt does disclose a plurality of certificates. 

Specifically, the Examiner states as follows: 

[N]ote that Hericourt deals with certificates (plural, not singular) being 
created by one or more CA's and then filtered (paragraphs 38 and 50). 
Thus, Hericourt does disclose a plurality of trust entity certificates, the 
trust entity being the CA's. The information contained in the 
certificates can be considered at least part of the TIO. 

Therefore, the examiner indicated that the claims do not reflect the arguments made 

and, even if they did, they would not be patentably distinct over Hericourt. 

In response, Applicant respectfully submits that the claims as amended are 
patentably distinct over Hericourt. 

A. Hericourt Fails To Disclose Transmitting A TIO From A 
Server To A Client To Facilitate Validation. 

It is well settled in U.S. patent law that to anticipate an invention, a single 

reference must disclose each element of the claimed invention, and to render a 

claimed invention obvious, each element of the claimed invention must be taught or 

suggested by the prior art cited by the Examiner. Here, Hericourt fails to teach or 
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suggest downloading a TIO from a server to a client for verification purposes. 
Specifically, the claims expressly state that a TIO is downloaded from a server to the 
client device and that the TIO comprises a plurality of hash values, each hash value 
being hashed from a trusted entity certificate, and a plurality of trust vectors, each 
trust vector corresponding to a hash value and being indicative of the level of trust 
associated with a particular trusted entity certificate. 

Nowhere does Hericourt disclose the transmission of such a database from the 
server to the client device. To the contrary, the CAF tables (310) containing the 
certificate data disclosed in Hericourt are resident in the client device . As set forth in 
the application: 

A CA Filter (309) is mainly a central repository comprising a list of 
trusted CAs with their associated Certificates. The repository is stored 
within a CA Filter Table (CAF Table) (310). The list of trusted CAs is 
periodically maintained, typically by a Security Administrator, 
according to some security guidelines specific to the company 

Paragraph 135. Thus, not only are the CA filter 309 and table 310 resident on the 

client device, but also they must be maintained by a security administrator. This is 

precisely the problem the claimed invention is intended to solve. Therefore, since a 

TIO is not downloaded from a server to the client device in Hericourt, Hericourt fails 

to anticipate the claimed invention. 

B. Hericourt Not Only Fails to Anticipate the Claimed 

Invention, But Also There is No Reason to Modify Its CAF 
Table to be a Downloadable TIO in Accordance With the 
Claimed Invention. 

It is well established in US patent law that there is no motivation to modify a 

reference if that modification would undermine the principle of operation of the 

reference. Here, the client device in Hericourt is configured to have resident CAF 

Tables containing certificate data. If the devices are already configured to 

accommodate these tables, there would be little reason to eliminate these tables and 

instead download a TIO, which uses hash values, rather than the actual trusted entity 

certificates. In other words, in the claimed TIO, the certificates are converted to hash 

values to reduce the size of the database and render it more suitable for downloading 
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from the server to the client devices. However, since the client devices in Hericourt 
are already configured to maintain a CAF database, there is no need to provide a 
downloadable database. Furthermore, eliminating the CAF Tables would destroy the 
principle of operation of Hericourt, which relies on the use of CAF and CFC tables 
(See paragraphs 142 et seq.) Since there is no motivation to modify Hericourt in 
accordance with the claimed invention, the rejection should be withdrawn and the 
claims allowed. 

In light of the above remarks, an early and favorable response is earnestly 
requested. 

Respectfully submitted, 

/Stephen J. Driscoll/ 
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